In preface, I almost know enough about transport security to be
dangerous so I'm hoping someone more knowledgeable will clarify for
me...
In section 5.3.1 of draft-ietf-taps-interface-02 a number of different
security parameters are proposed:
````
SecurityParameters.AddIdentity(identity)
SecurityParameters.AddPrivateKey(privateKey, publicKey)
SecurityParameters.AddSupportedGroup(secp256k1)
SecurityParameters.AddCiphersuite(TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256)
SecurityParameters.AddSignatureAlgorithm(ed25519)
SecurityParameters.SetSessionCacheCapacity(MAX_CACHE_ELEMENTS)
SecurityParameters.SetSessionCacheLifetime(SECONDS_PER_DAY)
SecurityParameters.SetSessionCachePolicy(CachePolicyOneTimeUse)
SecurityParameters.AddPreSharedKey(key, identity)
````
Aren't there relationships between them? Like you might have some
support for multiple identities, ciphersuites, and pre-shared keys but
they don't all work with each other. In other words, maybe this is more
of a tree than a flat space.
--aaron
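
The relationship asked about above can be sketched as an added example (not part of the original message and not taken from the draft). It assumes a simplified TLS 1.2 model in which the authentication token in a ciphersuite name decides which credential kinds can be used with it; the credential names and the PSK suite are constructed sample input.

```python
# Added illustration, not TAPS API: a simplified TLS 1.2 model of which
# credentials each ciphersuite can use. All inputs below are constructed.

# Authentication token in the suite name -> credential kinds it accepts.
# ECDHE_ECDSA suites also accept EdDSA keys (RFC 8422).
AUTH_ACCEPTS = {
    "ECDSA": {"ecdsa", "ed25519"},
    "RSA": {"rsa"},
    "PSK": {"psk"},
}

def parse_suite(name):
    """Split 'TLS_<kx>[_<auth>]_WITH_<cipher>' into (key exchange, auth)."""
    head, sep, _ = name.partition("_WITH_")
    if not head.startswith("TLS_") or not sep:
        raise ValueError(f"not a TLS 1.2 style suite name: {name}")
    parts = head[len("TLS_"):].split("_")
    # 'PSK' alone means PSK is both key exchange and authentication.
    return parts[0], parts[-1]

def build_tree(suites, credentials, groups):
    """Map each suite to the credentials that can actually be used with it."""
    tree = {}
    for suite in suites:
        kx, auth = parse_suite(suite)
        accepted = AUTH_ACCEPTS.get(auth, set())
        usable = [name for name, kind in credentials.items() if kind in accepted]
        # ECDHE key exchange is only possible if a group is configured.
        if kx == "ECDHE" and not groups:
            usable = []
        tree[suite] = usable
    return tree

def unused_credentials(tree, credentials):
    """Credentials that no configured suite can ever select."""
    used = {name for names in tree.values() for name in names}
    return sorted(set(credentials) - used)

SUITES = [
    "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",  # from the message
    "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256",    # constructed addition
]
CREDENTIALS = {"ed25519-identity": "ed25519", "rsa-identity": "rsa", "psk-1": "psk"}
TREE = build_tree(SUITES, CREDENTIALS, groups=["secp256k1"])

if __name__ == "__main__":
    for suite, creds in TREE.items():
        print(suite, "->", creds)
    print("never selectable:", unused_credentials(TREE, CREDENTIALS))
```

In this flat configuration the RSA identity is accepted without complaint yet can never be negotiated, which is the kind of dependency a flat parameter list hides.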